This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Welcome to the TRETC 2016 mobile app! 

**Note: Logging in or creating a profile on Sched DOES NOT register you for TRETC; you MUST register HERE in order to be considered a participant in the conference.**

You can use your email to sign in, add a photo and bio, customize your schedule and stay connected throughout the conference. Connect with your social networks to automatically fill in your information and connect with your contacts. You can make profile edits from the desktop site, available in the main menu, and in the top left of the mobile site. #TRETC2016
View analytic
Tuesday, November 8 • 1:00pm - 2:00pm
Establishing a right-sized Information Security Program for K12 LIMITED
Limited Capacity seats available

As threats to technology systems and data are on an exponential rise, the development of an information security program becomes critically important to combat and address technology risk.   An effective Information Security and risk management goes well beyond the implementation of just security enforcement technologies and products.  It is the intersection of People, Process and Technology that creates a risk management lifecycle capable of being repeatable and sustainable within an organization.   Using a continuous risk management approach it helps an organization address the ever-changing threat and vulnerability landscape to systems and data.

Program Objectives:


Attendees will learn about developing an Information Security Program using a continuous risk management lifecycle approach.   We will identify the components of a security program, review the continuous risk management methods and demonstrate how these concepts can be designed to fit into any organization regardless of size or industry.  We will review a sample of leading information security frameworks, standards and control structures that can be used as a foundation to building an effective continuous risk management program.  Discussions on how and where to get started on building a continuous risk management program will be presented with recommendations on how to get started in your organization. 


John A. Otte

Principal Security Strategist Lead Auditor, ePlus Technology Inc
John A. Otte, C|CISO, CISSP, CISA, CISM, MBA, MSIA, ISO 27001 Lead Auditor | ePlus Technology, inc - Principal Security Strategist | | John is the Principal Security Strategist for ePlus. John is an accomplished Information Security and data protection professional with over 15 years of Systems Security Audit and controls experience. His vast experience includes over 20 years of Information Technology and engineering experience in the US... Read More →

Tuesday November 8, 2016 1:00pm - 2:00pm
Room 318

Attendees (2)